U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*
There are 91 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2006-5619

The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels.

Published: October 31, 2006; 2:07:00 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-5174

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer.

Published: October 10, 2006; 12:06:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-3741

The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption).

Published: October 10, 2006; 12:05:00 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2006-4538

Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries.

Published: September 05, 2006; 3:04:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2006-3468

Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.

Published: July 21, 2006; 10:03:00 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2006-2936

The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.

Published: July 10, 2006; 3:05:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2006-2451

The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.

Published: July 07, 2006; 2:05:00 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2006-0456

The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors.

Published: June 27, 2006; 7:05:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-2445

Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting.

Published: June 23, 2006; 6:02:00 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2006-2448

Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems (signal_32.c).

Published: June 23, 2006; 6:02:00 AM -0400
V3.x:(not available)
V2.0: 5.6 MEDIUM
CVE-2006-3085

xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length.

Published: June 23, 2006; 6:02:00 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2006-2444

The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.

Published: May 25, 2006; 6:02:00 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2006-1857

Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk.

Published: May 22, 2006; 12:06:00 PM -0400
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2006-1858

SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.

Published: May 22, 2006; 12:06:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2006-1856

Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions.

Published: May 19, 2006; 7:02:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2006-1052

The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.

Published: May 05, 2006; 8:46:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-2071

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.

Published: April 27, 2006; 1:06:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-1056

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

Published: April 20, 2006; 6:02:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-1525

ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference.

Published: April 19, 2006; 2:18:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2006-0744

Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.

Published: April 18, 2006; 6:02:00 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM